tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Johnson <>
Subject Re: Systems Architecture Pros and Cons
Date Thu, 13 Oct 2005 09:00:03 GMT
It is possible for Apache to be compromised without Tomcat being 
compromised e.g. an overflow in Apache. So if Apache (or other service 
on the front box) is compromised and the systems are tiered then the 
intruder can only impersonate local actions. If all tiers reside on the 
same server then by compromising Apache or Tomcat the intruder can 
effectively impersonate as either tier.

Leon Rosenberg wrote:
> On 10/13/05, Peter Johnson <> wrote:
>>   Pro: - enhanced security due to tiers
> Why? If tomcat has a security hole, putting an apache in front of it,
> wouldn't change anything, since the security hole would be as exposed
> as with standalone tomcat.
> leon
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message